Threat DS.A.HPDOcDS-V.6

URI: DS.A.HPDOcDS-V.6

Description: Process Process cannot create encrypted data Data: if the local copy of Data is encrypted, then process Process that creates the data will be unable to store that copy unless it has a key or can produce the data in the encrypted domain.

Threat Type: Secondary Threat

Matching Pattern:

MP-HPDOcDS-V

Finds a Host running a Process that CRUD creates locally stored Data not encrypted with keys from a vault, which it produces as output, plus optionally the host and process managers.

DS.X.HDSV.6

Stored copy of Data on Host is encrypted: which means this copy is not available for unencrypted access.

DS.X.HDS-V.6

Stored copy of Data on Host is encrypted: which means this copy is not available for unencrypted access.

D.A.DallDS.0

Loss of availability in all copies of Data: the system is supposed to store the data Data, so if there are no available stored copies, the system-level availability of Data is affected.

DF.A.HPDSDADF.0

Service Process cannot serve unavailable data Data to FlowsTo: the locally stored copy of Data on Host used by Process is not available, so cannot be sent in a data flow to FlowsTo.

Hu.T.HuirPvDS.0.2

User Human affected by out of date data Data read by process Process: if a locally stored copy of Data is unavailable, and this would have been loaded by process Process and displayed to user Human, they may make decisions based on out of date information.

P.A.HPuDSDI.0

Process Process cannot access copy of Data stored on Host: since process Process depends on having access to Data via a stored copy on its host device Host , if the stored copy is not available then the availability of Process will be affected.

P.T.HP-uDSDI.0

Lack of stored input Data at Host delays Process: since process Process uses the locally stored copy of data Data but does not depend on it, if that copy is unavailable, the process can continue but will be processing out of date information.

(empty)

LossOfAvailability at Role_DataCopy

CSG-DataAccessKey	Process *Process* has a key for encrypting or decrypting data *Data*.
CSG-EncryptedDataProcessing	Process *Process* uses homomorphic encryption technology to perform calculations on data *Data* in an encrypted domain, allowing it to process the data without first decrypting.

Threat DS.A.HPDOcDS-V.6

MP-HPDOcDS-V

Triggered by Threat (2)

DS.X.HDSV.6

DS.X.HDS-V.6

Triggers Secondary Threats (5)

D.A.DallDS.0

DF.A.HPDSDADF.0

Hu.T.HuirPvDS.0.2

P.A.HPuDSDI.0

P.T.HP-uDSDI.0

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (2)